Detailed guide: Report an operational issue on the Public Services Network (PSN)

How to report PSN operational issues

We expect organisations to manage their own communications and updates, but we may also issue our own.

Our role is operational, not commercial. We will inform contractual and framework authorities where commercial engagement is required.

All PSN-connected organisations are expected to follow our service management good practice.

Report a PSN incident or problem, or help resolve one

Complete the PSN incident form to report an incident or problem to the PSN team.

All incidents and problems must first be raised with the organisation that provides your service. The service agreements and the escalation paths you have with your service providers are the best route to fixing most things quickly.

Tell us about your incident or problem using the form if:

• your service providers won’t accept ownership of the incident or problem
• you need the PSN team to get your service providers to work together to resolve the incident or problem
• you suspect that there is a fault with a core PSN network service (not just your own connection)
• your service provider is persistently failing to meet its service commitments especially if it has a critical impact on your organisation performing its statutory obligations.

If you report an incident or problem to us that we can help with, we can oblige PSN-connected organisations to work together, under our direction, to help fix it.

This is an office-hours service. Outside of office hours the service is best endeavours.

We will contact organisations that can help resolve your incident or problem and track any actions agreed. If we contact you to help resolve an incident or problem, we expect you to respond as you would for one of your own customers or users.

The type of incident or problem will dictate how urgently actions must be completed.

We can’t take ownership of incidents or problems reported to us because it’s the service providers who are responsible for them, and we don’t know the services as well as they do. However, we will raise our own PSN problem if there is a root cause that we can help with.

PSN incident and problem types

We classify the incidents reported to us so that we know how we should respond. The different classifcations are:

• system-wide incidents or problems impact PSN core services [link], impairing several customers’ ability to perform critical government business
• major incidents or problems impair a customer’s ability to perform critical government business
• emergency security incidents are system-wide or major incidents where a security vulnerability is being exploited
• security incidents are any other incident where a security vulnerability i is being or has been exploited

PSN core services

PSN core services are essential to creating the effect of a single network, and customers’ access to business services depend on them. They are:

• the Government Conveyance Network (GCN)
• the Direct Network Service Provider services (DNSPs)
• the Inter-Provider Encryption Domain (IPED)
• the PSN and GCF Domain Name Services (DNS)
• the PSN Public Key Directory (PKD)
• the legacy GCF mail relay
• the peer-to-peer interconnect

Problems raised by the PSN team

We will analyse all incidents and problems reported to us and raise our own separate PSN problem if the suspected root cause is:

• PSN design related
• PSN core service related
• PSN team issue
• compliance failure
• persistent supplier service issue
• persistent customer issue

We will not raise a separate PSN problem if the suspected root cause is:

• isolated supplier service issue
• isolated customer issue
• malicious activity Any reported problems caused by these can be managed without our involvement.

We will contact the organisations that can help in the resolution of a PSN problem and track any actions agreed.

If we contact you to help resolve a PSN problem, we expect you to respond as you would for one of your own customers or users.

We will issue our own communications and updates for the PSN problems that we are managing.

We will monitor the root causes of PSN problems to look for trends and improve PSN.

PSN root cause types

A problem raised by the PSN team will have a root cause. We classify the root causes into the types listed below to clarify where the responsibility lies to address the cause.

PSN design related

A feature of the design of PSN is causing the problem. The PSN design includes all technical interoperability, security, governance, service management and commercial standards.

PSN core service related

A PSN core service is causing the problem. The problem might be how the service is specified or built, or that the service might be degraded, overloaded or have failed.

PSN team issue

The way the PSN team is working is causing the problem. The problem might be process failure, resourcing or training related.

Compliance failure

A connection’s failure to meet PSN compliance conditions is causing the problem. The failure might be due to a connection failing to meet any of the technical interoperability, security, governance, service management or commercial standards.

Supplier service issue

The problem is being caused by a service failing, degrading or overloading, or not meeting the expectations of its customers.

Customer issue

The problem is being caused by a customer service organisation not meeting the expectations of its own users.

Malicious activity

Nefarious cyber activity is causing the problem. Such activity includes information gathering, intrusion attempts, fraud, abusive content or malicious code.

Report an emergency security incident

You should report emergency security incidents to GovCertUK, the government’s Computer Emergency Response Team (CERT). They assist public sector organisations in responding to computer security incidents and provide advice to reduce your threat exposure. When reporting an emergency security incident to GovCertUK, please also let the PSN team know psnservicedesk@digital.cabinet-office.gov.uk.

CERT UK will provide national cyber-security incident management if your incident is a threat to the Critical National Infrastructure (CNI).

Alert other GCN or IPED providers directly about an operational issue, or respond to an alert

Both the GCN and IPED require different service providers to work together operationally to deliver an integrated service. The providers of these services are dependent upon one another, and need to know quickly about one another’s operational issues.

If you are a GCN service provider, or if you are an IPED service provider, you need to tell the other GCN/ IPED service providers quickly about the following if they have a potential to impact the broader GCN or IPED service:

• incidents
• problems
• overloaded or degraded performance
• scheduled and unscheduled changes

GCN service providers should alert one another by emailing the GCN group psn-gcn@digital.cabinet-office.gov.uk. IPED service providers should alert one another by emailing the IPED group psn-iped@digital.cabinet-office.gov.uk. You can only email these groups if you are a member. Contact the PSN team psnservicedesk@digital.cabinet-office.gov.uk to become a member.

If you email these groups, there is no need to report an incident or problem to the PSN team separately.

If you are a GCN or IPED service provider you should review the alerts received and assess whether the issue impacts the service being delivered to your customers. You should tell the group what you plan to do by emailing a response.

You should make your own decisions about how to respond to these alerts, but you need to inform your customers if there is any risk of degradation of service.

Alert the GCN providers about a significant step-change in capacity demand, or respond to an alert

If you are a GCN, DNSP or an IPED service provider you need to alert the GCN group by email psn-gcn@digital.cabinet-office.gov.uk about any potential or confirmed step changes in demand for your service, to give GCN service providers as much notice as possible to respond to the new capacity demand.

You can only email the GCN group if you are a member. Contact the PSN team psnservicedesk@digital.cabinet-office.gov.uk to become a member.

If you are a GCN service provider you should assess the capacity alerts received and adjust your own capacity if is appropriate to do so. You should make your own investment decisions and capacity plans, but you need to inform your customers if there is any risk of degradation of service.

Report an operational issue to the PSN team that might impact critical government business

Impacted customers should, in the first instance, feed back down their supply chain any concerns they have about operational issues such as maintenance or service changes causing disruption.

If you have tried your supply chain and you still have a concern, then you should escalate this to the PSN team by emailing psnservicedesk@digital.cabinet-office.gov.uk.